Description of problem:
There are ciphers which can exist with both SSL and TLS in its name but some JDKs can support only one of those.
E.g. when using [1] the java recognizes only SSL variant of DHE_RSA_WITH_3DES_EDE_CBC_SHA => SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA (it doesn't know cipher TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, which results in server not being able to match appropriate cipher when using DHE-RSA-DES-CBC3-SHA as cipher suite name
[1] JDK 1.7 with security unlimited
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)

When checking with EAP 6.4.0.ER1, I have found that ciphers on IBM JDK have only SSL variant without having TLS variant using [1] which results in "no cipher match" match error for ciphers not having defined alias even though they should be supported on given JDK.
E.g. if you define cipher-suite as "AES+SHA" there are multiple ciphers which should match this criteria, nevertheless due being defined as TLS_... without SSL_... as alias the connector fails to start with "no cipher match" error.
E.g. one of matching ciphers to "AES+SHA" which is supported on IBM JDK is SSL_RSA_WITH_AES_128_CBC_SHA, and in org.apache.tomcat.util.net.jsse.openssl.Cipher there is only TLS_RSA_WITH_AES_128_CBC_SHA without defined alias to SSL_RSA_WITH_AES_128_CBC_SHA
[1] method for getting default vs supported ciphers in used JAVA
public static synchronized Set<String> getDefaultCipherSuitesFromJDK() {
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
// String[] cipherSuites = factory.getDefaultCipherSuites(); // for default ciphers
String[] cipherSuites = factory.getSupportedCipherSuites(); // for supported ciphers
return new HashSet<String>(Arrays.asList(cipherSuites));
}